Commit 476dfb35 authored by Miguel Mateo Montero's avatar Miguel Mateo Montero

release 09-2020

# Trusted Authority Server
This project provides de Trusted Authority Server of the project.
## Pre-requirement
Follow instructions to build and deploy the **Digital Currency library**:
https://scm.atosresearch.eu/fentec_digcur_uc_pub/digcur_lib_pub
## Configuration
This project used some of the properties of the configuration file **myMoney.properties** describe in: https://scm.atosresearch.eu/fentec_digcur_uc_pub/digcur_lib_pub#configuration
### logs
This project have its own configuration file for logs which mas be placed at the **conf** directory of the TOMCAT server:
```
/opt/tomcat/conf$ cat trustedAuth_log4j.properties
log4j.rootLogger=DEBUG, file
# Redirect log messages to console
log4j.appender.stdout=org.apache.log4j.ConsoleAppender
log4j.appender.stdout.Target=System.out
log4j.appender.stdout.layout=org.apache.log4j.PatternLayout
log4j.appender.stdout.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n
# Redirect log messages to a log file, support file rolling.
log4j.appender.file=org.apache.log4j.RollingFileAppender
log4j.appender.file.File=/opt/tomcat/logs/trustedAuth.log
log4j.appender.file.MaxFileSize=5MB
log4j.appender.file.MaxBackupIndex=10
log4j.appender.file.layout=org.apache.log4j.PatternLayout
log4j.appender.file.layout.ConversionPattern=%d{yyyy-MM-dd HH:mm:ss} %-5p %c{1}:%L - %m%n
```
## Compile and deploy
- go to the directory created when you clone this project, the one with the pom.xml file.
- compile: ```mvn clean install```
- deploy: you can copy the war file ```./target/trusted_authority_server.war``` to the directory **webapps** of the TOMCAT server or deploy using its admin web page.
<project xmlns="http://maven.apache.org/POM/4.0.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://maven.apache.org/POM/4.0.0 http://maven.apache.org/maven-v4_0_0.xsd">
<modelVersion>4.0.0</modelVersion>
<groupId>eu.ari.fentec</groupId>
<artifactId>trustedAuthority_server</artifactId>
<packaging>war</packaging>
<version>1.0-SNAPSHOT</version>
<name>truestedAuthority_server Maven Webapp</name>
<url>http://maven.apache.org</url>
<build>
<finalName>trusted_authority_server</finalName>
<plugins>
<plugin>
<groupId>org.apache.maven.plugins</groupId>
<artifactId>maven-compiler-plugin</artifactId>
<version>2.5.1</version>
<inherited>true</inherited>
<configuration>
<source>1.8</source>
<target>1.8</target>
</configuration>
</plugin>
</plugins>
</build>
<dependencyManagement>
<dependencies>
<dependency>
<groupId>org.glassfish.jersey</groupId>
<artifactId>jersey-bom</artifactId>
<version>${jersey.version}</version>
<type>pom</type>
<scope>import</scope>
</dependency>
</dependencies>
</dependencyManagement>
<dependencies>
<dependency>
<groupId>org.glassfish.jersey.containers</groupId>
<artifactId>jersey-container-servlet-core</artifactId>
<!-- use the following artifactId if you don't need servlet 2.x compatibility -->
<!-- artifactId>jersey-container-servlet</artifactId -->
</dependency>
<dependency>
<groupId>org.glassfish.jersey.inject</groupId>
<artifactId>jersey-hk2</artifactId>
</dependency>
<dependency>
<groupId>org.glassfish.jersey.media</groupId>
<artifactId>jersey-media-json-binding</artifactId>
</dependency>
<dependency>
<groupId>junit</groupId>
<artifactId>junit</artifactId>
<version>3.8.1</version>
<scope>test</scope>
</dependency>
<dependency>
<groupId>com.google.code.gson</groupId>
<artifactId>gson</artifactId>
<version>2.8.2</version>
</dependency>
<dependency>
<groupId>log4j</groupId>
<artifactId>log4j</artifactId>
<version>1.2.17</version>
</dependency>
<dependency>
<groupId>org.json</groupId>
<artifactId>json</artifactId>
<version>20151123</version>
</dependency>
<dependency>
<groupId>com.squareup.okhttp3</groupId>
<artifactId>okhttp</artifactId>
<version>3.10.0</version>
</dependency>
<dependency>
<groupId>com.google.guava</groupId>
<artifactId>guava</artifactId>
<version>28.2-jre</version>
</dependency>
<dependency>
<groupId>eu.ari.fentec</groupId>
<artifactId>digcur_utils</artifactId>
<version>1</version>
</dependency>
</dependencies>
<properties>
<jersey.version>2.27</jersey.version>
<project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
</properties>
</project>
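Review bot: The `log4j:log4j:1.2.17` dependency is on the end-of-life 1.x line, which no longer receives security fixes, and it is the logger every class in this commit uses. I would move to a maintained backend, for example Log4j 2 with its `log4j-1.2-api` bridge so the existing `org.apache.log4j.Logger` calls keep compiling. `okhttp` 3.10.0, `org.json` 20151123, `gson` 2.8.2 and `junit` 3.8.1 are also pinned to old releases for a 09-2020 release and are worth running through a dependency audit before deployment.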
/**
*
*FENTEC Functional Encryption Technologies
*Privacy-preserving and Auditable Digital Currency Use Case
*Copyright © 2019 Atos Spain SA
*
*This program is free software: you can redistribute it and/or modify
*it under the terms of the GNU General Public License as published by
*the Free Software Foundation, either version 3 of the License, or
*(at your option) any later version.
*
*This program is distributed in the hope that it will be useful,
*but WITHOUT ANY WARRANTY; without even the implied warranty of
*MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
*GNU General Public License for more details.
*
*You should have received a copy of the GNU General Public License
*along with this program. If not, see <http://www.gnu.org/licenses/>.
**/
package eu.ari.fentec.audit;
/**
* Auditor entity
* @author A101866
*
*/
public class Auditor {
private String name;
private int attribute;
public Auditor (String name, int attribute) {
this.name = name;
this.attribute = attribute;
}
public String getName() {
return name;
}
public int getAttribute() {
return attribute;
}
}
/**
*
*FENTEC Functional Encryption Technologies
*Privacy-preserving and Auditable Digital Currency Use Case
*Copyright © 2019 Atos Spain SA
*
*This program is free software: you can redistribute it and/or modify
*it under the terms of the GNU General Public License as published by
*the Free Software Foundation, either version 3 of the License, or
*(at your option) any later version.
*
*This program is distributed in the hope that it will be useful,
*but WITHOUT ANY WARRANTY; without even the implied warranty of
*MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
*GNU General Public License for more details.
*
*You should have received a copy of the GNU General Public License
*along with this program. If not, see <http://www.gnu.org/licenses/>.
**/
package eu.ari.fentec.connector;
import java.util.Arrays;
import org.apache.log4j.Logger;
import org.json.JSONObject;
import eu.ari.fentec.utils.conf.Configuration;
import okhttp3.MediaType;
import okhttp3.OkHttpClient;
import okhttp3.Request;
import okhttp3.RequestBody;
import okhttp3.Response;
/**
* Connector to Exchange
* @author A101866
*
*/
public class ExchangeConnector {
private Logger logger = Logger.getLogger(ExchangeConnector.class);
/**
* @param name
* @param values
* @param gamma
* @return true if the eCoinType is successfully created
*/
public boolean createEcoinType (String name, String values, long[] gamma) {
try {
String gammaS = Arrays.toString(gamma);
gammaS = gammaS.replace("[", "").replace("]", "");
JSONObject jo = new JSONObject();
jo.put("name", name);
jo.put("values", values);
jo.put("gamma", gammaS);
String jsonS = jo.toString(4);
RequestBody body = RequestBody.create(MediaType.parse("Application/Json"), jsonS);
logger.debug("create the ecoin: " + jsonS);
Request request = new Request.Builder().url(Configuration.getConfiguration().getProperty("EXCHANGE_END_POINT") +"ecointype")
.post(body)
.build();
Response response;
OkHttpClient mClient = new OkHttpClient();
response = mClient.newCall(request).execute();
if (response.code() == 200) {
return true;
}else {
logger.error("error while creating ecoin.");
logger.error(" exchange response: "+response.code());
logger.error(" exchange msg: " + response.message());
return false;
}
}catch (Exception e) {
logger.error(e,e);
return false;
}
}
}
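Review bot: The `Response` returned by `execute()` in `createEcoinType` is never closed, so each call leaves the response body and its connection open; wrap it as `try (Response response = mClient.newCall(request).execute()) { ... }`. A new `OkHttpClient` is also built on every call, which gives each request its own connection pool and dispatcher; a single shared client field would avoid that. The URL is built by concatenating `getProperty("EXCHANGE_END_POINT")` with `"ecointype"` without a null or scheme check, so a missing property yields the string `nullecointype`, and nothing here requires the endpoint to be HTTPS. The debug line logs the full request JSON including `gamma`, and the sample log configuration in the README sets the root logger to DEBUG, so confirm those values are meant to land in `trustedAuth.log`.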
/**
*
*FENTEC Functional Encryption Technologies
*Privacy-preserving and Auditable Digital Currency Use Case
*Copyright © 2019 Atos Spain SA
*
*This program is free software: you can redistribute it and/or modify
*it under the terms of the GNU General Public License as published by
*the Free Software Foundation, either version 3 of the License, or
*(at your option) any later version.
*
*This program is distributed in the hope that it will be useful,
*but WITHOUT ANY WARRANTY; without even the implied warranty of
*MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
*GNU General Public License for more details.
*
*You should have received a copy of the GNU General Public License
*along with this program. If not, see <http://www.gnu.org/licenses/>.
**/
package eu.ari.fentec.entities;
import java.security.Signature;
import java.util.Arrays;
import java.util.Calendar;
import java.util.Date;
import org.apache.log4j.Logger;
import org.bouncycastle.util.encoders.Hex;
import eu.ari.fentec.connector.ExchangeConnector;
import eu.ari.fentec.model.AccountContract;
import eu.ari.fentec.model.AccountContractsContainer;
import eu.ari.fentec.model.EcoinIDContainer;
import eu.ari.fentec.model.EcoinMetaData;
import eu.ari.fentec.model.EcoinMetadataContainer;
import eu.ari.fentec.payment.ValidationToken;
import eu.ari.fentec.utils.conf.ConfPnames;
import eu.ari.fentec.utils.conf.Configuration;
import eu.ari.fentec.utils.crypto.Utils;
import eu.ari.fentec.wrapper.CPabe_Wrapper;
import eu.ari.fentec.wrapper.KPabe_Wrapper;
/**
*
* @author A101866
* Trusted authority entity
*/
public class TrustedAuthority implements TrustedAuthorityIf {
private static boolean policyKeysCreated = false;
private static boolean masterKeyCreated = false;
private Logger logger = Logger.getLogger(TrustedAuthority.class);
TrustedAuthorityMetadata tamd = null;
/**
* @param tamd TrustedAuthorityMetadata
*/
public TrustedAuthority(TrustedAuthorityMetadata tamd) {
this.tamd = tamd;
}
/* (non-Javadoc)
* @see eu.ari.fentec.entities.TrustedAuthorityIf#createAccount(java.lang.String, java.lang.String[], long[], java.lang.String, java.lang.String)
*/
@Override
public String createAccount(String name, String[] eCoinTypes, long[] attribs, String policy, String type) {
try {
if (AccountContractsContainer.getContainer().containsKey(name))
return null;
logger.debug ("TrustedAuthority entity, create account");
AccountContract account = new AccountContract(name, eCoinTypes, attribs);
AccountContractsContainer.getContainer().put(account.getName(), account);
logger.debug("getting cpabe wrapper");
KPabe_Wrapper wrapper = new KPabe_Wrapper(Configuration.getKPABELIB(), Configuration.getConfiguration().getProperty(ConfPnames.GOLANG_DEBUG));
//String path = Configuration.getKEYPATH()+ect_name+"/master";
String path = Configuration.getKEYPATH()+"kudo"+"/master";
String pathuser = path+"/"+name;
logger.debug("before generating policy keys");
long startTime = System.nanoTime();
wrapper.GeneratePolicyK(path, pathuser,policy);
long endTime = System.nanoTime();
long timeElapsed = endTime - startTime;
logger.error("MAMM;TIME;GENPOLICYKEY;"+name+";"+timeElapsed);
policyKeysCreated = true;
logger.debug("creating KP ABE key for: " + name);
logger.debug(" path: " + pathuser);
logger.debug(" policy: " + policy);
logger.debug(" attributes: " + Arrays.toString(attribs));
account.setPolicy(policy);
return account.getIDasString();
}catch (Exception e) {
logger.debug(e,e);
return null;
}
}
/* (non-Javadoc)
* @see eu.ari.fentec.entities.TrustedAuthorityIf#getEcoinValidationToken(java.lang.String, boolean)
*/
public ValidationToken getEcoinValidationToken(String ecoinTypeName, boolean twoMonths) {
byte[] id = new Utils().getRandomBytes(16);
EcoinIDContainer.getContainer().put(id, id);
try{
Signature ecdsaSignature = Signature.getInstance("SHA256withECDSA", "BC");
ecdsaSignature.initSign(tamd.ecdsaPrivateKey);
ecdsaSignature.update(id);
byte[] signature = ecdsaSignature.sign();
KPabe_Wrapper wrapper = new KPabe_Wrapper(Configuration.getKPABELIB(), Configuration.getConfiguration().getProperty(ConfPnames.GOLANG_DEBUG));
String bl = new String(Hex.encode(signature));
//long[] g = EcoinMetadataContainer.getContainer().get(ecoinTypeName).getGammaValToken(twoMonths);
long[] g = EcoinMetadataContainer.getContainer().get(ecoinTypeName).getGammaValToken(twoMonths);
//String path = Configuration.getKEYPATH()+ecoinTypeName+"/master";
String path = Configuration.getKEYPATH()+"kudo"+"/master";
Long startTime = System.nanoTime();
String feSignature = wrapper.encrp(path, bl, g);
Long endTime = System.nanoTime();
Long timeElapsed = endTime - startTime;
logger.error("MAMM;TIME;ENCRYPTVALTOK;"+";"+timeElapsed);
//String feSignature = wrapper.encrp(Configuration.getKEYPATH(), ecoinTypeName, "", bl, g);
return new ValidationToken(id, feSignature);
}catch(Exception e) {
if (Configuration.DEBUG) System.out.println(e.getMessage());
if (Configuration.DEBUG) System.out.println(e.toString());
}
return null;
}
/* (non-Javadoc)
* @see eu.ari.fentec.entities.TrustedAuthorityIf#createEcoinMetadata(java.lang.String, int, java.lang.String, java.lang.String)
*/
public boolean createEcoinMetadata(String eCoinTypeName, int numParams, String values, String ectAttrib) {
try {
if (EcoinMetadataContainer.getContainer().containsKey(eCoinTypeName))
return true;
else {
EcoinMetaData ec = new EcoinMetaData( eCoinTypeName,
numParams,
Integer.parseInt(ectAttrib));
EcoinMetadataContainer.getContainer().put(ec.getName(), ec);
logger.debug("before create master keys");
KPabe_Wrapper wrapper = new KPabe_Wrapper(Configuration.getKPABELIB(), Configuration.getConfiguration().getProperty(ConfPnames.GOLANG_DEBUG));
//String path = Configuration.getKEYPATH()+ec.getName()+"/master";
String path = Configuration.getKEYPATH()+"kudo"+"/master";
if (!masterKeyCreated) {
long startTime = System.nanoTime();
wrapper.genMaster( path, ec.getNumParams()+1);
long endTime = System.nanoTime();
long timeElapsed = endTime - startTime;
logger.error("MAMM;TIME;GENMASTER;"+eCoinTypeName+";"+timeElapsed);
masterKeyCreated = true;
}
ExchangeConnector exchange = new ExchangeConnector();
boolean result = exchange.createEcoinType(eCoinTypeName, values, ec.getGammaEcoin(false));
logger.debug("exchange.createEcoinType result: " + result);
return result;
}
}catch (Exception e) {
logger.error(e,e);
return false;
}
}
/**
* @return true if the scheme is correctly initialized
*/
public boolean initCPabe() {
try {
logger.debug("creating cp master key.");
logger.debug("cp_wrapper constructor");
CPabe_Wrapper cp_wrapper = new CPabe_Wrapper(Configuration.getCPABELIB(), Configuration.getConfiguration().getProperty(ConfPnames.GOLANG_DEBUG));
logger.debug("goint to genMaster.");
cp_wrapper.genMaster(ConfPnames.cp_abe_path_master);
logger.debug("cp abe Master created.");
cp_wrapper.GenAttrKeys(ConfPnames.cp_abe_path_master, ConfPnames.cp_abe_path_ATOS, ConfPnames.gammaATOS);
logger.debug("cpabe atos key created");
cp_wrapper.GenAttrKeys(ConfPnames.cp_abe_path_master, ConfPnames.cp_abe_path_FRAUD, ConfPnames.gammaFRAUD);
logger.debug("cpabe fraud key created.");
cp_wrapper.GenAttrKeys(ConfPnames.cp_abe_path_master, ConfPnames.cp_abe_path_TAXES, ConfPnames.gammaTAXES_OFFICE);
logger.debug("cpabe taxes key created");
return true;
}catch (Exception e) {
logger.error(e,e);
return false;
}
}
}
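Review bot: In `createAccount`, `name` is concatenated straight into the key path (`String pathuser = path+"/"+name;`) before `GeneratePolicyK` is called with it, so a name containing `/` or `..` would point outside the `kudo/master` directory; if `name` can come from a request (not visible here), reject anything outside a fixed character set first, e.g. `if (!name.matches("[A-Za-z0-9_-]+")) return null;`. The account is also put into `AccountContractsContainer` before key generation, so a failure in `GeneratePolicyK` leaves a registered account without keys and later retries return null as a duplicate. Separately, `masterKeyCreated` is a plain static flag read and set without synchronization in `createEcoinMetadata`, and it resets on restart, so `genMaster` can presumably run more than once against the same path; checking for existing key material under a lock would be safer. In `getEcoinValidationToken` the catch block prints only when `Configuration.DEBUG` is set, so failures otherwise return null with no log entry; `logger.error(e, e)`, as used elsewhere in the class, would keep them visible.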
/**
*
*FENTEC Functional Encryption Technologies
*Privacy-preserving and Auditable Digital Currency Use Case
*Copyright © 2019 Atos Spain SA
*
*This program is free software: you can redistribute it and/or modify
*it under the terms of the GNU General Public License as published by
*the Free Software Foundation, either version 3 of the License, or
*(at your option) any later version.
*
*This program is distributed in the hope that it will be useful,
*but WITHOUT ANY WARRANTY; without even the implied warranty of
*MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
*GNU General Public License for more details.
*
*You should have received a copy of the GNU General Public License
*along with this program. If not, see <http://www.gnu.org/licenses/>.
**/
package eu.ari.fentec.entities;
import eu.ari.fentec.payment.ValidationToken;
public interface TrustedAuthorityIf {
/**
* Creates a new eCoin metadata.
*
* @param eCoinTypeName
* @param numParams
* @param values
* @param gammaC
* @param gammaM
* @param exchange
* @return
*/
// public boolean createEcoinMetadata (String eCoinTypeName, int numParams, int[] values, long[] gammaC, long[] gammaM, Exchange exchange);
// public boolean createEcoinMetadata (String eCoinTypeName, int numParams, String values, String gammaC, String gammaM);
public boolean createEcoinMetadata (String eCoinTypeName, int numParams, String values, String ectAttrib);
/**
* creates an account of a user of the platform, the role played will depend on the attributes
*
* @param name
* @param eCoinTypes
* @param attribs
* @param policy
* @return
*/
//public String createAccount (String name, String[] eCoinTypes, long[] attribs, String policy);
public String createAccount(String name, String[] eCoinTypes, long[] attribs, String policy, String type);
/**
* generates a validation token for an ecoin of the type given
* @param ecoinTypeName
* @return
*/
//public ValidationToken getEcoinValidationToken (String ecoinTypeName);
public ValidationToken getEcoinValidationToken (String ecoinTypeName, boolean twoMonths);
}
\ No newline at end of file
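Review bot: The Javadoc on `createEcoinMetadata` still lists `gammaC`, `gammaM` and `exchange`, which belong to the commented-out signatures, and omits `ectAttrib`; likewise `createAccount` lacks `@param type` and `getEcoinValidationToken` lacks `@param twoMonths`. All three `@return` tags are empty, although the implementation in this commit returns `null` on failure from `createAccount` and `getEcoinValidationToken`, and `true` from `createEcoinMetadata` when the eCoin type already exists. I would replace the stale tags with, for example, `@param ectAttrib attribute of the eCoin type, parsed as an integer` and `@return the account id, or null if the name is already registered or key generation fails`, and drop the commented-out signatures so the contract callers must handle is explicit.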
/**
*
*FENTEC Functional Encryption Technologies
*Privacy-preserving and Auditable Digital Currency Use Case
*Copyright © 2019 Atos Spain SA
*
*This program is free software: you can redistribute it and/or modify
*it under the terms of the GNU General Public License as published by
*the Free Software Foundation, either version 3 of the License, or
*(at your option) any later version.
*
*This program is distributed in the hope that it will be useful,
*but WITHOUT ANY WARRANTY; without even the implied warranty of
*MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
*GNU General Public License for more details.
*
*You should have received a copy of the GNU General Public License
*along with this program. If not, see <http://www.gnu.org/licenses/>.
**/
package eu.ari.fentec.entities;
import java.security.KeyPair;
import java.security.PrivateKey;